Spyware-Killing Vista Could Take Out Rivals

There’s a software product coming that has the potential to demote spyware from a security priority to an afterthought: Windows Vista. Spyware has become a serious security problem for users of Microsoft’s operating system over the past years, giving rise to a host of third-party tools to fight the insidious software. But perhaps the best defensive program has yet to ship, some analysts believe.

I have to agree; while it’ll be a little bit harder for spyware to wind up on your system, people will still find ways to get it on there. After all it still pretty much requires a competent user who’s really trying to truly rid any Windows system of spyware.

> OK, so they are installing Kazaa or whatever, Kazaa installer asked for admin pass then installs it and whatever else it wants to.

See above.

Look, the reality of it is that system security is a two-part thing. Half of it is the operating system and its design/tools, and the other half is the users. With Windows XP, both parts of the equation totally suck. With Vista, the first part is pretty much eliminated, but then there’s still the users.

Right now, spyware can install itself with no problems and no warnings. With Vista, if something asks for the administrator password, users might start getting suspicious — “Why does it want my password to open this image?”

Most users might be as stupid as a pile of rocks, but they’re still people, and there’s a reason humanity has advanced how it has — creative and logical thinking.

> The same could be said for oh-so-secure Linux, and oh-so-secure OS X.

I think for there to be new ones, there would first have to be old ones. With the exception of browser cookies (which can be argued whether they are actually spyware or not) there are no adware/spyware/malware in Linux, at least none that I’ve seen in the many years of using it.

The only ad supported software I remember seeing was Opera, and they don’t even do that anymore. No one in the Linux world would use any adware crap, a lot of people go there because of the adware/spyware that Windows has.

Perhaps, but if Linux on the desktop becomes widespread, we’ll see more adware. Forgive me for generalizing, but right now, the majority of desktop Linux users are tech savvy people, and the rest is often less savvy friends, relatives or partners of said people, running on locked-down installs set up for them.

These people aren’t interesting for the spyware companies. The interesting group is the “technically illiterate” who can’t understand that the internet can be dangerous, and who think that people give away flashy media players and programs to add fancy animated smileys to e-mails (I hate those ads!) for free with no strings attached. The people who think that pop-up ads disguising as system dialogs are legit, etc.

If/when Linux for the desktop achieves success among those users, it’s just a matter of time before we see a surge of spyware aimed at them. You don’t need root to infest a Linux system with adware, all you need is to make the user run a shell script and without knowing it add a dozen of advertising bots to their system logon, etc.

The only boon is that (unless the program tricks the user into giving away the root password) cleaning it up might get easier than on severely stricken XP systems.

Even if Linux grew so popular that it was targeted by spyware/adware it would be really hard for this software to spread. First, the software installation in most modern distributions is done via repositories (yum, apt, emerge) which contain verified software and it’s very unlikely that any adware comes through. Second, whatever you can install, you can uninstall – rpm -e package_name reverts *everything* that has been done with rpm -ihv package_name. This is certainly not the case with Windows installers. Third, no you can’t run any script just like that – user has to give it executable permissions first or run it via command line with sh script_name (I doubt that computer illiterate would use CLI). Fourth, file types cannot be faked just by changing an extension – if the file contains any executable code the window manager will always warn you if you attempt to open it. In conclusion, as long as the OS security is concerned Linux and any other UNIX flavor is secure and the user has to take extra steps before he can perform any potentially dangerous task. If the user is completely ignorant and provides root password because a software vendor tells him so, then it’s certainly his own fault not OS’s. Anyway, it is much easier to recover from a user mistake/broken software in *NIX than in Windows.

As much as I hate playing devil’s advocate on that matter (I am a linux-only user for like 5 or 6 years now) I beg to differ.

I am a linux user and computer programmer for a long time and I would have to say that EVERY computer system is hackable. If linux is not being attacked by malware today, it is just because there is not enough interest in writing such tools.

> …there are no adware/spyware/malware in Linux, at least none that I’ve seen in the many years of using it.

Then you haven’t used it much, or at least, not commercially. I’ve seen 4 distinct rootkits for compromised systems in the last 6 years. Granted, all were on systems that didn’t exercise Linux best practices (number one being run a system with current patches) but they are definitely out there.

In every case, running a system with all known patches updated would have prevented the compromise.

1) Run a current O/S, with current patches applied. That alone is probably 97% of the problem, whether you’re running ‘Doze, Macinslosh, or Linux.

2) When the computer does anything unexpected, don’t agree. Close the window – FAST.

3) For Windows, run current antivirus/antispyware. For Mac/Linux, install all updates regularly.

Oh, and did I mention that you need to run all current updates and patches?

Yeah the first page of the article really made me doubt a lot also, but after reading the second page I realized they were just putting pro-windows args on the first and anti-windows args on the second… Therefore I have nothing to comment about that, I agree with the second page. That’s all I say 🙂

> OK, so they are installing Kazaa or whatever, Kazaa installer asked for admin pass then installs it and whatever else it wants to.

If you do so, the next thing that happens is that Windows Defender pops up an intimidating dialog with a thick red header that states that the following items of malicious software have been installed on your system and that it is highly recommended for your own safety that you let it remove them immediately.

Defender also gets automatically updated through Windows Update by default, and is set to perform a daily “quick” scan of key system files, startup folders, registry, etc at two in the morning.

Whether it’ll curb the problem or not is yet to be seen, but so far I have pretty high hopes for it.

Even then Vista forces you to think twice. You’re not allowed to romp freely even as administrator. If you want to change significant system settings or install things, you get a dialog box alerting you that the action requires elevated rights, and have to click an “Allow” button to continue. (Or “Deny” if it suddenly seemed like a very bad idea. ;-))

Even if Vista is the most secure OS ever, anti-virus/spyware software will still sell well. People are just too used to the idea that they have to have it. And the anti-virus companies aren’t going to convince them otherwise.

The Linspire head guy once stated how the only reason they offer an anti-virus app is because the ex-Windows users kept demanding it.

>Even if Vista is the most secure OS ever, anti-virus/spyware software will still sell well.

I agree that anti-virus/spyware will always be around, but disagree that the defensive software will still sell well. Why shell out extra bucks, and go through the hassle of an extra install when you can just use what’s bundled?

A previous example is firewalls. MS Windows does have a firewall now, but is it replacing third party ones? I’m not sure, but I think it is. Third parties do have to resort to bundling other products with their own in order to add value to the purchase, so it’s hard to say. Zone alarm now comes with antivirus which wasn’t previously bundled with the firewall. We’ll have to see if a no cost anti-spyware is preferable to one you have to pay for.

Windows users, (the majority, not ALL of them), like things simply point and click.

They don’t like to have to work their way through countless dialogue boxes and stick in admin passwords all over the place, just to get winamp to work etc…

If this is on a corporate desktop, then too bad. The user is stuck with a limited account.

But on a home machine… everything gets authorised just so the user does not have to read/click all the warnings.

BTW, it is not the same on other systems... All UNIX systems have been designed for over 35 years to be multi-user systems... Windows has only been trying this for 6 years and has a long way to go in the game of catch-up.

The problems with spyware may well diminish with Microsoft Vista, but they aren’t going to go away. It will be years before Vista is the predominant OS across all the world’s PCs. And Vista or computing generally will spawn new issues and little fringe industries will spring up to service those. It’s just economics really. There is plenty of money to be made by either side – hackers/phishers and patchers/security – in a monopoly OS.

The article doesn’t inspire much confidence, though, with names like Gartmore and Enderle in it. And there’s a fatuous comment about how the spam problem has been licked, which it has not been. So many articles like this are really covert ads for Vista. In their own way, they are the spyware of 2006. They tell us we will be reading some interesting news about technology, but with the intention of implanting buy buy buy in our minds.

Personally I’ll still be downloading 3rd party anti-spyware tools just to make sure that MS & friends aren’t the ones logging my actions.

wrt to running as Admin. There’s still going to be apps/games etc (not necessarily MS’s fault) that are going to need users to run as Admins and if MS are going to make it too hard there’s only so many pop-ups (requesting authorization) that users are going to be willing to put up with.

Article after article after article on Longhorn/Vista. Is this really going to be the pattern until it finally comes out? I mean, Linux distros get announced when they come out, betas of various OSes get announced when they get released, but with Vista is every article someone can think up to write no matter how small the detail or how insignificant the basis. This is not news, this pure hype for the sake of Microsoft only you’re not getting paid for it. You post all these articles, and you yourselves don’t see it the overload of these kind of articles??

Yes. You know why? Whether you like it or not, Windows is the OS for about 90-95% of the world’s computer users, and as such, it will have a lot of focus on a website called Operating System News. Don’t like it? Leave. We don’t care.

> This is not news, this pure hype for the sake of Microsoft only you’re not getting paid for it.

Not news? See above. And if you want to make out for yourself what’s news and what’s not– go ahead and start your own website! Seriously.

> You post all these articles, and you yourselves don’t see it the overload of these kind of articles??

We have been hearing this kind of rhetoric for years. The fact is Microsoft has an abysmal record when it comes to security with its Windows platform. Ever since Windows 2000 and ‘trusted computing’ security issues with Windows have, if anything, become worse. Now why should Vista be any different? Because of changes in user privileges?

Sorry, Windows is a great platform for games and multimedia but it is not a secure platform, in any flavor. Many industry experts have claimed it, many incidents have proved it.

Unfortunately, though, I know many who have. It’s too bad that the XP OS can be run perfectly well, if you follow certain rules … but most users are either ignorant of those rules, or don’t follow them.

If that happened people would just stop making ActiveX controls (people being spyware writers) and start making apps that run outside of IE.

An ActiveX control is NO different than a normal app other than the fact that it is basically an IE plug-in instead of a Windows app.

You still have to tell the app to install for it to do so (it can not be installed without user intervention). If the user is stupid enough to say yes to some random ActiveX control, then they are stupid enough to say yes on a regular Windows installer.

I stopped believing these so-called “analysts” years ago, when I realised all these “surveys” and “benchmarks”, etc., are all MS paid. All of these websites, PC magazines and such nonsense literally work for MS. The last time I read PC Magazine I noticed every single page in it has a “We recommend Microshmock Windows XP for bla bla bla”.

Having it baked in will just lull people into a false sense of security. Since Windows Defender will soon become the No.1 used anti spyware product (through OEM distribution), that also means it’ll be the number 1 targeted software to be disabled or damaged. The end user will think they’re protected because Windows says so, but that’s rarely the case. I don’t really see a lot changing, other than the same spyware level as always, but just less people utilizing a product that actually works (like AdAware-SE or Spybot).

I don’t see how they can claim spyware will go away if they’re still using the same old code. As long as they continue to build in support for programs that are decades old, there will be holes that can’t be closed.

Perhaps if they actually rebuilt the entire system from the ground up, they could actually make it secure. They have the opportunity with the shift to 64-bit. But as long as they continue to use the same structure and just keep building onto it, they will never be able to fully close off all holes.

Suffering from spyware has NOTHING to do with the security of the system (save for automatic installing of spyware, or such, which can not be done on Windows today). It has to do with the security-conscious person sitting at the keyboard.

A user has to install the stuff before it can cause any problems. And even then, if the system is set up properly, it can only affect that particular user, and not the entire system.

Spyware is not the same thing as a virus, which takes advantage of problems (or even features) inherent in the system and spreads itself, not through user interaction (though today, usually you have to have user interaction).

Spyware can be installed automatically when running IE, normally through ActiveX, not to mention the various other ways. I’ll agree that the user is at fault because they could lock down the system, but if the system wasn’t so easy to get into, it would be a moot point, wouldn’t it?

It’s the same principle that Mac and Linux users have been saying forever; the system isn’t inherently open to allow viruses, spyware, adware, etc. to do what they will.

When I have to use Windows and IE for any reason, I have it locked down (no ActiveX, things have to ask permission, etc). But whenever I run AdAware or Spybot, I’m still showing spyware was installed on my system.

Plus, the article expressly implies, as does the title, that Vista will stop spyware because it’s so secure.

That’s not completely true. Before SP2, there were some holes that allowed a site to circumvent the popup and just install stuff automatically.

Have you never had the pleasure of going to a site with IE and having it start installing toolbars and spyware without asking you anything or doing anything else? It’s no fun, and one reason I stopped using IE.

What I don’t get is, someone got modded down because they said Linux and OS X will also suffer from the same vulnerabilities as will Vista because the other half of security which is the users…don’t know anything about spyware and malware. Hell a lot of people who are used to the old XP ways of installing whatever the heck they want without any passwords or protection, are most likely going to go ahead and run their Vista boxes as power users because they are simply too lazy or too stupid to learn from their mistakes.

Anyway that said, the article here is all hogwash. Every time I read the word ‘analysts’ I know that the article is going to be raw sewage. Vista may be a better OS when it is finally released but the spyware writers have become better as well. I hope as much as the net guy that malicious software writers die the most horrible deaths imaginable but we all know wishing that does not really make it true.

My dad is quite literate when it comes to computers. He was showing me the internet on Mosaic long before any of my friends ever heard of the internet. I’m only 26 by the way. Anyways, my dad has his home network running behind a router/firewall, with all the latest updates and third-party security software.

He was a dedicated Mac user until he ran into problems with constant crashing (I think OS 7 or 8, can somebody clarify for me?), and switched to Windows. He really hates a lot of the poorly designed features of Windows, but will not move to Linux (I’ve tried for a while now). Anyways, for all his experience/knowledge he seems to think that not giving the users administrator privileges by default is a royal pain in the ass. I’ve never known his computer to be crippled by spyware, virus, etc., but you’d think such a logical, pragmatic, telecom engineer would err on the side of caution. No, he does not. If it works for him, more power to him, but I just don’t understand the reluctance to move to a more secure set up. I’m sure that he will start bitching when he gets around to installing Vista. Our discussion of this “feature”, of course, will end in both of us agreeing to disagree.

While I’d love to believe that MS has Vista’s security so tightly wrapped it would be real tough for spy-ware folks to find a way in, reality is setting in on this one.

On-line security has never been a strength of Microsoft products. If that were the case companies such as Symantec, McAfee, Zone Labs, etc., would never have been founded due to a total lack of need.

While Microsoft has touted security, the point that they only incorporated & included a firewall with XP SP2 is a true indicator. A firewall should have been designed by MS for each OS after the original version of Win95.

Microsoft has made billions on an insecure line of Operating Systems (out of the box) from Win 3.1 up to WinXP SP2.

Their success is due more out of a fantastic marketing effort than superior products.

Now let’s look towards the future. I do not believe that companies such as Symantec, McAfee, who made their millions (and/or billions) plugging the holes left by MS will be going away any time soon.

Why? Microsoft, I believe, will pull out everything they have to maximize Vista’s debut.